» COVER FEATURE
A DETERMINISTIC APPROACH TO CYBERSECURITY With an approach that redefines cybersecurity, Virsec’s Deterministic Protection Platform offers protection against zero-days and evolving attacks to workloads deployed in production
C
ybersecurity today needs to overcome sophisticated attacks before they can penetrate infrastructure and software. Easier said than done because these attacks are unpredictable and are evolving fast. Hence there is a need for an entirely redefined approach that ensures better protection against zero-days, evolving attacks and, known and unknown threats to workloads deployed in production. With its Deterministic Protection Platform (DPP), Virsec delivers a solution that meets these requirements to secure critical infrastructure at all times. Dave Furneaux, CEO, Virsec says, “At Virsec, we recognize that the only way to overcome the most sophisticated types of cyber threats is true protection. Cybersecurity is an industry of innovation. Technology needs to constantly evolve and at a fast pace at that, because attackers tend to exploit software at their very core in innovative and unpredictable ways. There is no singular or fixed pattern that can be tracked and cracked; hence it is crucial that threats are stopped before they can start to infiltrate the system. The Deterministic Protection Platform (DPP) by Virsec is the only solution that ensures precise protection against zero-days and evolving attacks to workloads deployed in production. Runtime protection is key, as DPP reduces threat actor dwell time from minutes to milliseconds across the full software stack. Our focus allows us understanding and thwart attacks from their source, that is prevention within the application itself, rather than attempting to trace the attacker.” Traditional security can no longer handle today’s cyberattacks that have become increasingly complex where actors exploit systems at
16
CXO DX / MARCH 2022
the core to obtain control of server workloads. With conventional security solutions, attackers can bypass detection and gain access. Dave adds, “Conventional security solutions are probabilistic in their approach as they rely on heuristics or AI to “guess” if an attack has occurred, typically by analyzing logs after an incident has occured. As a result, breaches keep happening, with attacker dwell times averaging almost seven days. Additionally, these tools generate hundreds of false positive alerts – overwhelming precious security resources with having to investigate and respond to each one. Certain market segments such as defence, banking, government, national and critical infrastructure, amongst others, cannot afford the risks of being exploited. Critical infrastructure systems require full protection to prevent data theft, service disruption, and financial losses. Virsec has a unique approach to mitigating these risks, rooted in determinism.” Rather than focusing on the attacker and past behaviour, Virsec focuses on the application in runtime. An application is built using code, and once a specific code is written and used to build an application, it will always produce the same results and the same outcome when executed. This repetition is the biggest indicator of proper functioning – if there are any anomalies, and when the code starts acting in ways that are not part of the original infrastructure, it is a warning sign. Dave elaborates, “With Virsec’s technology, namely our Deterministic Protection Platform, these deviations are detected early and stopped before major damage or downtime is caused. With DPP, Virsec is making security response obsolete by offering the protection those probabilistic solutions do not. DPP ensures automatic protection against all known and unknown threats to vulnerable workloads, but it also reduces adversary dwell time from minutes to milliseconds, specifically protecting against ransomware, remote code execution, supply chain poisoning, and memory-based attacks.Virsec have made significant investment and developed numerous patents rooted in our first-principles approach to protection, which separate us from traditional security tools.” Traditional approaches to protection rely on monitoring systems from a distance and only reacting once the attack has taken place – at this
